Let’s Encrypt automates certificate renewals. It sells the idea that you install a client and don’t have to think about it again. This requires reliability that has to start with Let’s Encrypt itself. We can now see that with KeyChest.
Keep an Eye on Let’s Encrypt Performance
Jun 28, 2020 2:30:45 PM / by Dan posted in letsencrypt, https, keychest
Let's Encrypt Revokes 3,000,000 Certs
Mar 3, 2020 11:15:27 PM / by Dan posted in letsencrypt
Bottom line - if your certificates are affected and you will not renew and deploy new certs within hours, you will have effective downtimes - certificates will be revoked and invalid. The estimated total is 3 million, of which 1 million are duplicates.
Is Let's Encrypt The Weakest Link of Internet?
Mar 1, 2020 8:55:16 PM / by Dan posted in letsencrypt
It takes 3-5 years to build a new internet certificate issuer. Web browsers make it very hard or impossible to visit web pages without encryption. It is almost as important as DNS. Let's Encrypt supplies certificates to 60% of the internet. Is the dependence on $14 million company a reasonable risk?
Let's Encrypt - 1bln, Time To Beat Others On Uptime
Feb 28, 2020 8:17:16 AM / by Dan posted in letsencrypt
So Let's Encrypt issued a billionth certificate yesterday. It is an absolutely amazing number and I'm pretty sure no-one would have thought 5 years ago that any single CA can ever achieve this number.
Let's Encrypt certificate into Java JKS
Feb 19, 2020 3:44:59 PM / by Dan posted in letsencrypt
If you have Java applications you need to convert Linux PEM files created by Let's Encrypt clients into JKS. It's just a few steps, if you know which ones.
Scalable Certificate Monitoring
Feb 14, 2020 9:53:10 AM / by Dan posted in letsencrypt, certificate, incident response
The enforcement of HTTPS by web browsers has introduced the pain of certificate management to small and medium businesses. My rules of thumb to make your life much easier.
How Let's Encrypt Works
Jan 24, 2020 8:33:05 AM / by Dan posted in letsencrypt, key management
You may well know that Let's Encrypt is a not-for-profit organization that provides SSL certificates for free. You may also know there is a huge number of "clients" - small software packages that you need to install on your server to start using Let's Encrypt. There is relatively little information about how it actually works.
Let’s Encrypt for Companies with KeyChest
Dec 3, 2019 1:53:43 PM / by Dan posted in letsencrypt, https, keychest
Let’s Encrypt has a number of downsides when used on a large scale. It uses modern key management protocols, but the high-level of automation requires management. This is what KeyChest provides.
Certificate Monitoring - HTTPS/TLS
Nov 28, 2019 11:36:08 AM / by Dan posted in letsencrypt, certificate, https
As we continuously improve our own certificate management service, we keep an eye on other tools. There is a wide range of services and each of us has different requirements and preferences.
Let's Encrypt Uptime - 2 years on
Nov 24, 2019 5:37:46 PM / by Dan posted in letsencrypt, https
I have looked at the service disruptions of Let's Encrypt back at the end of 2017. Two years on, I had another look - and compared twelve months periods.
